US20090327090A1 - Application hierarchy and state manipulation - Google Patents

Application hierarchy and state manipulation Download PDF

Info

Publication number
US20090327090A1
US20090327090A1 US12/145,506 US14550608A US2009327090A1 US 20090327090 A1 US20090327090 A1 US 20090327090A1 US 14550608 A US14550608 A US 14550608A US 2009327090 A1 US2009327090 A1 US 2009327090A1
Authority
US
United States
Prior art keywords
node
software
instance
state data
application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US12/145,506
Other versions
US8538889B2 (en
Inventor
Ajay Arvind Bhave
Mark Walter Zagorski
Tarik Soulami
Brian S. Perlman
Ning Zhang
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Priority to US12/145,506 priority Critical patent/US8538889B2/en
Assigned to MICROSOFT CORPORATION reassignment MICROSOFT CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: BHAVE, AJAY ARVIND, PERLMAN, BRIAN S., SOULAMI, TARIK, ZAGORSKI, MARK WALTER, ZHANG, NING
Publication of US20090327090A1 publication Critical patent/US20090327090A1/en
Application granted granted Critical
Publication of US8538889B2 publication Critical patent/US8538889B2/en
Assigned to MICROSOFT TECHNOLOGY LICENSING, LLC reassignment MICROSOFT TECHNOLOGY LICENSING, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MICROSOFT CORPORATION
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/105Arrangements for software license management or administration, e.g. for managing licenses at corporate level
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • G06F21/125Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
    • G06F21/126Interacting with the operating system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • G06Q30/0601Electronic shopping [e-shopping]

Definitions

  • OEMs original equipment manufacturers
  • Fine tuning of the application installation can trigger an activation timer, so OEMs are permitted to reset the activation timer in order for the customer to fully enjoy a grace period associated with the activation timer.
  • the process of resetting the activation timer can be referred to as “rearming”.
  • Rearming applications is also useful when a customer desires to have an extended grace time period.
  • customers may desire to have an extended grace period in order to fully evaluate the application.
  • the activation timer can be rearmed one or more times per application.
  • a system administrator for a large enterprise can obtain a copy of a suite of applications to evaluate without activation. If the system administrator desires to evaluate the suite for ninety days without activation, with a standard activation grace timer of thirty days, the system administrator can run a rearm tool to reset the grace timer every thirty days. The reset would generally have no effect on an absolute evaluation expiration of the suite.
  • An application hierarchy is a tree structure that represents logical product offering(s), for example, of software application(s).
  • An instance of the application hierarchy can be stored on a client computer to facilitate enforcement of software licensing by a software license component of a software protection system.
  • the application hierarchy is a tree structure (e.g., unordered) that includes a top node, one or more product offering group(s), and, one or more selling unit(s).
  • a product offering group can be an intermediate level of organization of selling unit(s), for example, product(s) such as application(s) sold in similar channel(s), based on commonality of offering and/or similarities in an enforcement mechanism.
  • An identifier can be assigned to each node of the application hierarchy.
  • state data and/or property(ies) of a particular node can be accessed (e.g., through an application program interface (API)) of the software license component via the assigned identifier.
  • API application program interface
  • a rearm count associated with a particular node can be accessed through the application program interface via the assigned identifier.
  • the application hierarchy can, for example, represent an entire application suite, where the top node represents the product and the product offering group(s) represents logical selling and/or marketing unit(s).
  • the top node, product offering group and/or the selling unit(s) can have associated state data, for example, license property(ies) that can be accessible for manipulation.
  • the state data can facilitate the assignment of license rights to selling units of a particular product offering group.
  • a product uniqueness group can include selling unit(s) from one or more product offering group(s).
  • product uniqueness group(s) can be used to reduce operational complexity when selling units sold in different channels interface with a backend server in a particular manner.
  • a single deployment can interface with the selling units of a particular product uniqueness group.
  • a computer-implemented software protection system can facilitate enforcement of software licensing on a client computer.
  • the software protection system includes a software license component that can store and enforce software licensing rule(s).
  • the software license component can further manipulate state data of an instance of the application hierarchy stored in a licensing data store via application program interface(s) (APIs). State data and/or property(ies) of a particular node of the instance of the application hierarchy can be accessed through the API via an assigned identifier.
  • APIs application program interface(s)
  • FIG. 1 illustrates an application hierarchy
  • FIG. 2 illustrates a computer-implemented software protection system.
  • FIG. 3 illustrates a computer-implemented software validation system.
  • FIG. 4 illustrates a computer-implemented method of protecting software.
  • FIG. 5 illustrates a computer-implemented method of protecting software.
  • FIG. 6 illustrates a computer-implemented method facilitating software validation.
  • FIG. 7 illustrates a computing system operable to execute the disclosed architecture.
  • FIG. 8 illustrates a computing environment operable to execute the disclosed architecture.
  • An application hierarchy is a tree structure that represents logical product offering(s), for example, of software application(s).
  • An instance of the application hierarchy can be stored on a client computer to facilitate enforcement of software licensing by a software license component of a software protection system.
  • the application hierarchy is a tree structure (e.g., unordered) that includes a top node, one or more product offering group(s), and, one or more selling unit(s).
  • a product offering group can be an intermediate level of organization of selling unit(s), for example, product(s) such as application(s) sold in similar channel(s), based on commonality of offering and/or similarities in an enforcement mechanism.
  • An identifier can be assigned to each node of the application hierarchy.
  • state data and/or property(ies) of a particular node can be accessed (e.g., through an application program interface (API)) of the software license component via the assigned identifier.
  • API application program interface
  • a rearm count associated with a particular node can be accessed through the application program interface via the assigned identifier.
  • FIG. 1 illustrates an application hierarchy 100 .
  • the application hierarchy 100 is a tree structure that represents logical product offering(s), for example, of software application(s).
  • an instance of the application hierarchy 100 can be stored on a client computer (not shown) to facilitate enforcement of software licensing, as discussed in greater detail below.
  • the application hierarchy 100 is a tree structure (e.g., unordered) that includes a top node 110 , one or more product offering group(s) 120 , and, one or more selling unit(s) 130 .
  • a product offering group 120 can be an intermediate level of organization of selling unit(s) 130 , for example, product(s) such as application(s) sold in similar channel(s), based on commonality of offering and/or similarities in an enforcement mechanism.
  • the application hierarchy 100 can represent an application suite, where the top node 110 represents the product and the product offering group(s) 120 represents logical selling and/or marketing unit(s). It is to be appreciated that while only one level of product offering group(s) 120 is illustrated in the application hierarchy 100 of FIG. 1 , the application hierarchy 100 can include one or more levels of product offering group(s) 120 .
  • the selling unit(s) 130 e.g., leaf node(s) of the tree) represent specific selling units in each of the channels.
  • an identifier e.g., globally unique identifier (GUID)
  • GUID globally unique identifier
  • state data and/or property(ies) of a particular node can be accessed (e.g., through an application program interface (API)) via the assigned identifier.
  • API application program interface
  • a rearm count associated with a particular node can be accessed through an application program interface via the assigned identifier.
  • the top node 110 can represent a suite of products
  • the product offering group 120 can represent one or more logic selling channels (e.g., retail, OEM, etc.).
  • the selling unit(s) 130 can represent a physical selling unit of the suite of products (e.g., word processor application, spreadsheet application, database application, email application, etc.).
  • the top node 110 , product offering group 120 and/or the selling unit(s) 130 can have associated state data, for example, license property(ies) that can be accessible for manipulation.
  • the state data can facilitate the assignment of license rights to selling units 130 of a particular product offering group 120 .
  • a particular product offering group 120 can have a rearm count associated with the particular product offering group 120 .
  • rearm is a method to restore a particular system to an initial inactivated state by resetting a grace timer and other data protected by a security processor (e.g., a component designed to store and protect data).
  • a rearm generally clears a timer at a particular level (e.g., top node 110 , product offering group 120 or selling unit 130 ), but only up to a specific number of allowances (e.g., rearm count).
  • a particular product offering group 120 can have a rearm count of five.
  • Selling unit(s) 130 associated with the particular product offering group 120 can likewise have an initial rearm count of five, based on the rearm count associated with the particular product offering group 120 .
  • data associated with the selling unit(s) 130 can be separately manipulated.
  • an actual number of rearms performed may be different. For example, an OEM can choose to rearm a particular selling unit 130 three times while choosing to rearm a different selling unit 130 two times.
  • a product uniqueness group 140 can include selling unit(s) 130 from one or more product offering group(s) 120 .
  • a retail offering of a word processing application and an OEM offering of a word processing application can be grouped under a word processing product uniqueness group 140 .
  • product uniqueness group(s) 140 can be used to reduce operational complexity when selling units 130 sold in different channels interface with a backend server in a particular manner.
  • a single deployment can interface with the selling units 130 of a particular product uniqueness group 140 .
  • a validation server can deploy a single validation template for the product uniqueness group 140 .
  • the single validation template can be used to validate selling units 130 of the product uniqueness group 140 .
  • FIG. 2 illustrates a computer-implemented software protection system 200 .
  • the software protection system 200 can facilitate enforcement of software licensing on a client computer.
  • the software protection system 200 includes a software license component 210 that can store and enforce software licensing rule(s).
  • the software license component 210 can further manipulate state data of an instance of the application hierarchy 100 stored in a licensing data store 220 via application program interface(s) (APIs) 230 .
  • State data and/or property(ies) of a particular node of the instance of the application hierarchy 100 can be accessed, for example, through the API 230 via an assigned identifier.
  • the software protection system 200 can be a component of a client computer.
  • the software license component 210 can reside on a server computer system while the licensing data store 220 is stored on a client computer.
  • the software protection system 200 can be a component of a server computer system.
  • the software license component 210 stores software licensing rule(s) providing for manipulation of state data of the application hierarchy 100 recursively in a top-down manner and not in a bottom-up manner.
  • a state change at a higher level node e.g., product offering group 120
  • child node(s) e.g., selling unit(s) 130
  • a rearm at a particular product offering group 120 causes a rearm on selling unit(s) 130 associated with the particular product offering group 120 .
  • a property indicating an estimation of non-genuineness associated with a particular product offering group 120 causes all selling unit(s) associated with the particular product offering group 120 to be considered non-genuine.
  • a state change at a particular selling unit 130 deterministically affects the particular selling unit 130 .
  • the effect, if any, on associated product offering group 120 and/or top node 110 can be defined by a rule.
  • a rearm of a particular selling unit 130 does not automatically cause a corresponding increase in a rearm count of an associated product offering group 120 .
  • a rule can provide for rearm counts of other selling unit(s) 130 of the associated product offering group 120 to be decreased.
  • a determination that a particular selling unit 130 is non-genuine does not automatically mean that an associated product offering group 120 is non-genuine.
  • a rule can provide for propagation of a non-genuine property from a selling unit 130 to another selling unit of the same product offering group 120 (e.g., non-genuine property of word processing propagated to spreadsheet application).
  • FIG. 3 illustrates a computer-implemented software validation system 300 .
  • the software validation system 300 includes a web-based validation component 310 which communicates with a client computer 320 , for example, via the Internet.
  • the client computer 320 includes a software protection system 200 having a software license component 210 and a licensing data store 220 , as discussed previously.
  • the client computer 320 can communicate with the web-based validation component 310 based upon an event, for example, a client computer request for an update, request for template etc.
  • the software protection system 200 can provide information to the web-based validation component 310 based upon state data of an instance of the application hierarchy 100 stored in the licensing data store 220 , for example, a genuine property of word processing application.
  • the web-based validation component 310 can provide additional information to the software protection system 200 to affect behavior of the client computer 320 .
  • the web-based validation component 310 can block access to web-based resource(s) such as software update(s), template(s) and/or disable selling unit(s) 130 associated with a particular product offering group 120 , if one or more selling units 130 are reported to be non-genuine.
  • the web-based validation component 310 can determine mismatched selling units 130 .
  • a retail version of a word processing application and an OEM version of a spreadsheet application can be determined.
  • the web-based validation component 310 can provide information to the client computer 320 , for example, regarding correction of the mismatched selling units 130 .
  • the web-based validation component 310 can further provide information regarding inconsistent installation of selling unit(s) 130 , for example, retail and OEM versions of a word processing application installed on the client computer 320 .
  • the web-based component 310 can further provide information to a user to facilitate correction of identified problem(s).
  • application hierarchy 100 While use of the application hierarchy 100 has been described with respect to software protection and software licensing enforcement, those skilled in the art will recognize that the application hierarchy 100 can be employed to facilitate software inventory tracking, software asset management and the like.
  • FIG. 4 illustrates a computer-implemented method of protecting software. While, for purposes of simplicity of explanation, the one or more methodologies shown herein, for example, in the form of a flow chart or flow diagram, are shown and described as a series of acts, it is to be understood and appreciated that the methodologies are not limited by the order of acts, as some acts may, in accordance therewith, occur in a different order and/or concurrently with other acts from that shown and described herein. For example, those skilled in the art will understand and appreciate that a methodology could alternatively be represented as a series of interrelated states or events, such as in a state diagram. Moreover, not all acts illustrated in a methodology may be required for a novel implementation.
  • a request for state data associated with a node of an instance of an application hierarchy is received.
  • the state data can be a rearm count associated with a selling unit 130 .
  • state data associated with the node of the application hierarchy is obtained, for example, from a license data store 220 .
  • the requested state data is provided, for example, to a web-based validation component 310 and/or a software protection system.
  • FIG. 5 illustrates a computer-implemented method of protecting software.
  • a request to modify state data associated with a node of an instance of an application hierarchy is received.
  • state data associated with the node is modified based on the request to modify.
  • the modified state data can be stored, for example, in a license data store 200 .
  • FIG. 6 illustrates a computer-implemented method facilitating software validation.
  • a request for a resource e.g., template, upgrade, etc.
  • a web-based validation component for example, by an application.
  • a request for validation information regarding one or more nodes of an instance of an application hierarchy is received (e.g., from the web-based validation component).
  • the validation information can be associated with one or more selling units 130 , a product offering group 120 and/or a top node 110 .
  • validation information is provided based upon state data stored in the node(s).
  • a determination is made as to whether validation information provides that the node(s) are valid. If the determination at 606 is YES, at 608 , the requested resource is received, and, the method ends. If the determination at 606 is NO, at 610 , information is received from the web-based component, and, the method ends.
  • a component can be, but is not limited to being, a process running on a processor, a processor, a hard disk drive, multiple storage drives (of optical and/or magnetic storage medium), an object, an executable, a thread of execution, a program, and/or a computer.
  • a component can be, but is not limited to being, a process running on a processor, a processor, a hard disk drive, multiple storage drives (of optical and/or magnetic storage medium), an object, an executable, a thread of execution, a program, and/or a computer.
  • an application running on a server and the server can be a component.
  • One or more components can reside within a process and/or thread of execution, and a component can be localized on one computer and/or distributed between two or more computers.
  • FIG. 7 a block diagram of a computing system 700 operable to execute the disclosed software protection system is illustrated.
  • FIG. 7 and the following discussion are intended to provide a brief, general description of a suitable computing system 700 in which the various aspects can be implemented. While the description above is in the general context of computer-executable instructions that may run on one or more computers, those skilled in the art will recognize that a novel embodiment also can be implemented in combination with other program modules and/or as a combination of hardware and software.
  • program modules include routines, programs, components, data structures, etc., that perform particular tasks or implement particular abstract data types.
  • inventive methods can be practiced with other computer system configurations, including single-processor or multiprocessor computer systems, minicomputers, mainframe computers, as well as personal computers, hand-held computing devices, microprocessor-based or programmable consumer electronics, and the like, each of which can be operatively coupled to one or more associated devices.
  • the illustrated aspects may also be practiced in distributed computing environments where certain tasks are performed by remote processing devices that are linked through a communications network.
  • program modules can be located in both local and remote memory storage devices.
  • Computer-readable media can be any available media that can be accessed by the computer and includes volatile and non-volatile media, removable and non-removable media.
  • Computer-readable media can comprise computer storage media.
  • Computer storage media includes volatile and non-volatile, removable and non-removable media implemented in any method or technology for storage of information such as computer-readable instructions, data structures, program modules or other data.
  • Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital video disk (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by the computer.
  • the computing system 700 for implementing various aspects includes a computer 702 , the computer 702 including a processing unit 704 , a system memory 706 and a system bus 708 .
  • the system bus 708 provides an interface for system components including, but not limited to, the system memory 706 to the processing unit 704 .
  • the processing unit 704 can be any of various commercially available processors. Dual microprocessors and other multi-processor architectures may also be employed as the processing unit 704 .
  • the system bus 708 can be any of several types of bus structure that may further interconnect to a memory bus (with or without a memory controller), a peripheral bus, and a local bus using any of a variety of commercially available bus architectures.
  • the system memory 706 includes read-only memory (ROM) 710 and random access memory (RAM) 712 .
  • ROM read-only memory
  • RAM random access memory
  • a basic input/output system (BIOS) is stored in the read-only memory 710 such as ROM, EPROM, EEPROM, which BIOS contains the basic routines that help to transfer information between elements within the computer 702 , such as during start-up.
  • the RAM 712 can also include a high-speed RAM such as static RAM for caching data.
  • the computer 702 further includes an internal hard disk drive (HDD) 714 (e.g., EIDE, SATA), which internal hard disk drive 714 may also be configured for external use in a suitable chassis (not shown), a magnetic floppy disk drive (FDD) 716 , (e.g., to read from or write to a removable diskette 718 ) and an optical disk drive 720 , (e.g., reading a CD-ROM disk 722 or, to read from or write to other high capacity optical media such as the DVD).
  • the internal hard disk drive 714 , magnetic disk drive 716 and optical disk drive 720 can be connected to the system bus 708 by a hard disk drive interface 724 , a magnetic disk drive interface 726 and an optical drive interface 728 , respectively.
  • the interface 724 for external drive implementations includes at least one or both of Universal Serial Bus (USB) and IEEE 1394 interface technologies.
  • the drives and their associated computer-readable media provide nonvolatile storage of data, data structures, computer-executable instructions, and so forth.
  • the drives and media accommodate the storage of any data in a suitable digital format.
  • computer-readable media refers to a HDD, a removable magnetic diskette, and a removable optical media such as a CD or DVD, it should be appreciated by those skilled in the art that other types of media which are readable by a computer, such as zip drives, magnetic cassettes, flash memory cards, cartridges, and the like, may also be used in the example operating environment, and further, that any such media may contain computer-executable instructions for performing novel methods of the disclosed architecture.
  • a number of program modules can be stored in the drives and RAM 712 , including an operating system 730 , one or more application programs 732 , other program modules 734 and program data 736 . All or portions of the operating system, applications, modules, and/or data can also be cached in the RAM 712 .
  • the software protection system 200 can be stored in the drives and/or RAM 712 . It is to be appreciated that the disclosed architecture can be implemented with various commercially available operating systems or combinations of operating systems.
  • a user can enter commands and information into the computer 702 through one or more wired/wireless input devices, for example, a keyboard 738 and a pointing device, such as a mouse 740 .
  • Other input devices may include a microphone, an IR remote control, a joystick, a game pad, a stylus pen, touch screen, or the like.
  • These and other input devices are often connected to the processing unit 704 through an input device interface 742 that is coupled to the system bus 708 , but can be connected by other interfaces, such as a parallel port, an IEEE 1394 serial port, a game port, a USB port, an IR interface, etc.
  • a monitor 744 or other type of display device is also connected to the system bus 708 via an interface, such as a video adapter 746 .
  • a computer typically includes other peripheral output devices (not shown), such as speakers, printers, etc.
  • the computer 702 may operate in a networked environment using logical connections via wired and/or wireless communications to one or more remote computers, such as a remote computer(s) 748 .
  • the remote computer(s) 748 can be a workstation, a server computer, a router, a personal computer, portable computer, microprocessor-based entertainment appliance, a peer device or other common network node, and typically includes many or all of the elements described relative to the computer 702 , although, for purposes of brevity, only a memory/storage device 750 is illustrated.
  • the logical connections depicted include wired/wireless connectivity to a local area network (LAN) 752 and/or larger networks, for example, a wide area network (WAN) 754 .
  • LAN and WAN networking environments are commonplace in offices and companies, and facilitate enterprise-wide computer networks, such as intranets, all of which may connect to a global communications network, for example, the Internet.
  • the computer 702 When used in a LAN networking environment, the computer 702 is connected to the LAN 752 through a wired and/or wireless communication network interface or adapter 756 .
  • the adapter 756 may facilitate wired or wireless communication to the LAN 752 , which may also include a wireless access point disposed thereon for communicating with the wireless adapter 756 .
  • the computer 702 can include a modem 758 , or is connected to a communications server on the WAN 754 , or has other means for establishing communications over the WAN 754 , such as by way of the Internet.
  • the modem 758 which can be internal or external and a wired or wireless device, is connected to the system bus 708 via the serial port interface 742 .
  • program modules depicted relative to the computer 702 can be stored in the remote memory/storage device 750 . It will be appreciated that the network connections shown are examples and other means of establishing a communications link between the computers can be used.
  • the computer 702 is operable to communicate with any wireless devices or entities operatively disposed in wireless communication, for example, a printer, scanner, desktop and/or portable computer, portable data assistant, communications satellite, any piece of equipment or location associated with a wirelessly detectable tag (e.g., a kiosk, news stand, restroom), and telephone.
  • any wireless devices or entities operatively disposed in wireless communication for example, a printer, scanner, desktop and/or portable computer, portable data assistant, communications satellite, any piece of equipment or location associated with a wirelessly detectable tag (e.g., a kiosk, news stand, restroom), and telephone.
  • the communication can be a predefined structure as with a conventional network or simply an ad hoc communication between at least two devices.
  • Wi-Fi Wireless Fidelity
  • Wi-Fi is a wireless technology similar to that used in a cell phone that enables such devices, for example, computers, to send and receive data indoors and out; anywhere within the range of a base station.
  • Wi-Fi networks use radio technologies called IEEE 802.11x (a, b, g, etc.) to provide secure, reliable, fast wireless connectivity.
  • IEEE 802.11x a, b, g, etc.
  • a Wi-Fi network can be used to connect computers to each other, to the Internet, and to wired networks (which use IEEE 802.3 or Ethernet).
  • the environment 800 includes one or more client(s) 802 .
  • the client(s) 802 can be hardware and/or software (e.g., threads, processes, computing devices).
  • the client(s) 802 can house cookie(s) and/or associated contextual information, for example.
  • the environment 800 also includes one or more server(s) 804 .
  • the server(s) 804 can also be hardware and/or software (e.g., threads, processes, computing devices).
  • the servers 804 can house threads to perform transformations by employing the architecture, for example.
  • One possible communication between a client 802 and a server 804 can be in the form of a data packet adapted to be transmitted between two or more computer processes.
  • the data packet may include a cookie and/or associated contextual information, for example.
  • the environment 800 includes a communication framework 806 (e.g., a global communication network such as the Internet) that can be employed to facilitate communications between the client(s) 802 and the server(s) 804 .
  • a communication framework 806 e.g., a global communication network such as the Internet
  • Communications can be facilitated via a wired (including optical fiber) and/or wireless technology.
  • the client(s) 802 are operatively connected to one or more client data store(s) 808 that can be employed to store information local to the client(s) 802 (e.g., cookie(s) and/or associated contextual information).
  • the server(s) 804 are operatively connected to one or more server data store(s) 810 that can be employed to store information local to the servers 804 .

Abstract

An instance of an application hierarchy can be stored on a client computer to facilitate enforcement of software licensing by a software license component of a software protection system. The application hierarchy is a tree structure (e.g., unordered) that includes a top node, one or more product offering group(s), and, one or more selling unit(s).
A computer-implemented software protection system can facilitate enforcement of software licensing on a client computer. The software protection system includes a software license component that can store and enforce software licensing rule(s). The software license component can further manipulate state data of an instance of the application hierarchy stored in a licensing data store via application program interface(s) (APIs). State data and/or property(ies) of a particular node of the instance of the application hierarchy can be accessed through the API via an assigned identifier.

Description

    BACKGROUND
  • Software licensing has grown increasingly complex as offerings of software products (selling units), groupings of software products, and varieties of software products have increased. Frequently, software product(s) employ a grace period during which a user can evaluate a particular software product.
  • Typically, original equipment manufacturers (OEMs) stage an application installation of a client computer on an image of an operating system and then fine tune the installation before shipping the client computer to a customer. Fine tuning of the application installation can trigger an activation timer, so OEMs are permitted to reset the activation timer in order for the customer to fully enjoy a grace period associated with the activation timer. The process of resetting the activation timer can be referred to as “rearming”.
  • Rearming applications is also useful when a customer desires to have an extended grace time period. In both retail and enterprise environments, customers may desire to have an extended grace period in order to fully evaluate the application. To facilitate this extended grace period, the activation timer can be rearmed one or more times per application.
  • For example, a system administrator for a large enterprise can obtain a copy of a suite of applications to evaluate without activation. If the system administrator desires to evaluate the suite for ninety days without activation, with a standard activation grace timer of thirty days, the system administrator can run a rearm tool to reset the grace timer every thirty days. The reset would generally have no effect on an absolute evaluation expiration of the suite.
    • SUMMARY
  • This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
  • An application hierarchy is a tree structure that represents logical product offering(s), for example, of software application(s). An instance of the application hierarchy can be stored on a client computer to facilitate enforcement of software licensing by a software license component of a software protection system.
  • The application hierarchy is a tree structure (e.g., unordered) that includes a top node, one or more product offering group(s), and, one or more selling unit(s). A product offering group can be an intermediate level of organization of selling unit(s), for example, product(s) such as application(s) sold in similar channel(s), based on commonality of offering and/or similarities in an enforcement mechanism.
  • An identifier can be assigned to each node of the application hierarchy. Thus, state data and/or property(ies) of a particular node can be accessed (e.g., through an application program interface (API)) of the software license component via the assigned identifier. For example, a rearm count associated with a particular node can be accessed through the application program interface via the assigned identifier.
  • The application hierarchy can, for example, represent an entire application suite, where the top node represents the product and the product offering group(s) represents logical selling and/or marketing unit(s). The top node, product offering group and/or the selling unit(s) can have associated state data, for example, license property(ies) that can be accessible for manipulation. In one example, the state data can facilitate the assignment of license rights to selling units of a particular product offering group.
  • Optionally, two or more distinct selling units can be grouped into a product uniqueness group. A product uniqueness group can include selling unit(s) from one or more product offering group(s). For example, product uniqueness group(s) can be used to reduce operational complexity when selling units sold in different channels interface with a backend server in a particular manner. Thus, instead of deploying interfaces for each distinct selling unit, a single deployment can interface with the selling units of a particular product uniqueness group.
  • A computer-implemented software protection system can facilitate enforcement of software licensing on a client computer. The software protection system includes a software license component that can store and enforce software licensing rule(s).
  • The software license component can further manipulate state data of an instance of the application hierarchy stored in a licensing data store via application program interface(s) (APIs). State data and/or property(ies) of a particular node of the instance of the application hierarchy can be accessed through the API via an assigned identifier.
  • To the accomplishment of the foregoing and related ends, certain illustrative aspects are described herein in connection with the following description and the annexed drawings. These aspects are indicative, however, of but a few of the various ways in which the principles disclosed herein can be employed and is intended to include all such aspects and their equivalents. Other advantages and novel features will become apparent from the following detailed description when considered in conjunction with the drawings.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 illustrates an application hierarchy.
  • FIG. 2 illustrates a computer-implemented software protection system.
  • FIG. 3 illustrates a computer-implemented software validation system.
  • FIG. 4 illustrates a computer-implemented method of protecting software.
  • FIG. 5 illustrates a computer-implemented method of protecting software.
  • FIG. 6 illustrates a computer-implemented method facilitating software validation.
  • FIG. 7 illustrates a computing system operable to execute the disclosed architecture.
  • FIG. 8 illustrates a computing environment operable to execute the disclosed architecture.
    •  DETAILED DESCRIPTION
  • An application hierarchy is a tree structure that represents logical product offering(s), for example, of software application(s). An instance of the application hierarchy can be stored on a client computer to facilitate enforcement of software licensing by a software license component of a software protection system.
  • The application hierarchy is a tree structure (e.g., unordered) that includes a top node, one or more product offering group(s), and, one or more selling unit(s). A product offering group can be an intermediate level of organization of selling unit(s), for example, product(s) such as application(s) sold in similar channel(s), based on commonality of offering and/or similarities in an enforcement mechanism.
  • An identifier can be assigned to each node of the application hierarchy. Thus, state data and/or property(ies) of a particular node can be accessed (e.g., through an application program interface (API)) of the software license component via the assigned identifier. For example, a rearm count associated with a particular node can be accessed through the application program interface via the assigned identifier.
  • Reference is now made to the drawings, wherein like reference numerals are used to refer to like elements throughout. In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding thereof. It may be evident, however, that the novel embodiments can be practiced without these specific details. In other instances, well-known structures and devices are shown in block diagram form in order to facilitate a description thereof.
  • Referring initially to the drawings, FIG. 1 illustrates an application hierarchy 100. The application hierarchy 100 is a tree structure that represents logical product offering(s), for example, of software application(s). For example, an instance of the application hierarchy 100 can be stored on a client computer (not shown) to facilitate enforcement of software licensing, as discussed in greater detail below.
  • The application hierarchy 100 is a tree structure (e.g., unordered) that includes a top node 110, one or more product offering group(s) 120, and, one or more selling unit(s) 130. A product offering group 120 can be an intermediate level of organization of selling unit(s) 130, for example, product(s) such as application(s) sold in similar channel(s), based on commonality of offering and/or similarities in an enforcement mechanism.
  • In one embodiment, the application hierarchy 100 can represent an application suite, where the top node 110 represents the product and the product offering group(s) 120 represents logical selling and/or marketing unit(s). It is to be appreciated that while only one level of product offering group(s) 120 is illustrated in the application hierarchy 100 of FIG. 1, the application hierarchy 100 can include one or more levels of product offering group(s) 120. The selling unit(s) 130 (e.g., leaf node(s) of the tree) represent specific selling units in each of the channels.
  • In this embodiment, an identifier (e.g., globally unique identifier (GUID)) can be assigned to each node (top node 110, product offering group(s) 120 and selling unit(s) 130) of the application hierarchy 100. Thus, state data and/or property(ies) of a particular node can be accessed (e.g., through an application program interface (API)) via the assigned identifier. For example, a rearm count associated with a particular node can be accessed through an application program interface via the assigned identifier.
  • For example, the top node 110 can represent a suite of products, the product offering group 120 can represent one or more logic selling channels (e.g., retail, OEM, etc.). Finally, the selling unit(s) 130 can represent a physical selling unit of the suite of products (e.g., word processor application, spreadsheet application, database application, email application, etc.).
  • The top node 110, product offering group 120 and/or the selling unit(s) 130 can have associated state data, for example, license property(ies) that can be accessible for manipulation. In one example, the state data can facilitate the assignment of license rights to selling units 130 of a particular product offering group 120.
  • For example, a particular product offering group 120 can have a rearm count associated with the particular product offering group 120. In one example, rearm is a method to restore a particular system to an initial inactivated state by resetting a grace timer and other data protected by a security processor (e.g., a component designed to store and protect data). A rearm generally clears a timer at a particular level (e.g., top node 110, product offering group 120 or selling unit 130), but only up to a specific number of allowances (e.g., rearm count).
  • In one embodiment, there is no implied relationship between data at higher level node and child node(s) associated with the higher level node. However, in this embodiment, data available at a higher level node is available to child node(s).
  • For example, a particular product offering group 120 can have a rearm count of five. Selling unit(s) 130 associated with the particular product offering group 120 can likewise have an initial rearm count of five, based on the rearm count associated with the particular product offering group 120. However, as noted previously, data associated with the selling unit(s) 130 can be separately manipulated. Thus, based on operation(s) performed at each level, an actual number of rearms performed may be different. For example, an OEM can choose to rearm a particular selling unit 130 three times while choosing to rearm a different selling unit 130 two times.
  • Optionally, two or more distinct selling units 130 can be grouped into a product uniqueness group 140. A product uniqueness group 140 can include selling unit(s) 130 from one or more product offering group(s) 120. For example, a retail offering of a word processing application and an OEM offering of a word processing application can be grouped under a word processing product uniqueness group 140.
  • In one embodiment, product uniqueness group(s) 140 can be used to reduce operational complexity when selling units 130 sold in different channels interface with a backend server in a particular manner. Thus, instead of deploying interfaces for each distinct selling unit 130, a single deployment can interface with the selling units 130 of a particular product uniqueness group 140.
  • Continuing with the example of a retail offering of a word processing application and an OEM offering of a word processing application grouped under a word processing product uniqueness group 140. Instead of deploying separate validation templates for each selling unit 130, a validation server can deploy a single validation template for the product uniqueness group 140. The single validation template can be used to validate selling units 130 of the product uniqueness group 140.
  • FIG. 2 illustrates a computer-implemented software protection system 200. The software protection system 200 can facilitate enforcement of software licensing on a client computer. The software protection system 200 includes a software license component 210 that can store and enforce software licensing rule(s).
  • The software license component 210 can further manipulate state data of an instance of the application hierarchy 100 stored in a licensing data store 220 via application program interface(s) (APIs) 230. State data and/or property(ies) of a particular node of the instance of the application hierarchy 100 can be accessed, for example, through the API 230 via an assigned identifier.
  • In one embodiment, the software protection system 200 can be a component of a client computer. In another embodiment, the software license component 210 can reside on a server computer system while the licensing data store 220 is stored on a client computer. In yet another embodiment, the software protection system 200 can be a component of a server computer system.
  • In one embodiment, the software license component 210 stores software licensing rule(s) providing for manipulation of state data of the application hierarchy 100 recursively in a top-down manner and not in a bottom-up manner. Thus, a state change at a higher level node (e.g., product offering group 120) has a ripple effect on child node(s) (e.g., selling unit(s) 130).
  • For example, a rearm at a particular product offering group 120 causes a rearm on selling unit(s) 130 associated with the particular product offering group 120. Similarly, a property indicating an estimation of non-genuineness associated with a particular product offering group 120 causes all selling unit(s) associated with the particular product offering group 120 to be considered non-genuine.
  • In this embodiment, a state change at a particular selling unit 130 deterministically affects the particular selling unit 130. The effect, if any, on associated product offering group 120 and/or top node 110 can be defined by a rule.
  • In one example, a rearm of a particular selling unit 130 does not automatically cause a corresponding increase in a rearm count of an associated product offering group 120. However, a rule can provide for rearm counts of other selling unit(s) 130 of the associated product offering group 120 to be decreased.
  • Similarly, in another example, a determination that a particular selling unit 130 is non-genuine does not automatically mean that an associated product offering group 120 is non-genuine. However, a rule can provide for propagation of a non-genuine property from a selling unit 130 to another selling unit of the same product offering group 120 (e.g., non-genuine property of word processing propagated to spreadsheet application).
  • FIG. 3 illustrates a computer-implemented software validation system 300. The software validation system 300 includes a web-based validation component 310 which communicates with a client computer 320, for example, via the Internet. The client computer 320 includes a software protection system 200 having a software license component 210 and a licensing data store 220, as discussed previously.
  • For example, the client computer 320 can communicate with the web-based validation component 310 based upon an event, for example, a client computer request for an update, request for template etc. The software protection system 200 can provide information to the web-based validation component 310 based upon state data of an instance of the application hierarchy 100 stored in the licensing data store 220, for example, a genuine property of word processing application.
  • In this example, while the software license component 210 can enforce software licensing rules as discussed previously, the web-based validation component 310 can provide additional information to the software protection system 200 to affect behavior of the client computer 320. For example, the web-based validation component 310 can block access to web-based resource(s) such as software update(s), template(s) and/or disable selling unit(s) 130 associated with a particular product offering group 120, if one or more selling units 130 are reported to be non-genuine.
  • Additionally, the web-based validation component 310 can determine mismatched selling units 130. For example, a retail version of a word processing application and an OEM version of a spreadsheet application. The web-based validation component 310 can provide information to the client computer 320, for example, regarding correction of the mismatched selling units 130.
  • The web-based validation component 310 can further provide information regarding inconsistent installation of selling unit(s) 130, for example, retail and OEM versions of a word processing application installed on the client computer 320. The web-based component 310 can further provide information to a user to facilitate correction of identified problem(s).
  • While use of the application hierarchy 100 has been described with respect to software protection and software licensing enforcement, those skilled in the art will recognize that the application hierarchy 100 can be employed to facilitate software inventory tracking, software asset management and the like.
  • FIG. 4 illustrates a computer-implemented method of protecting software. While, for purposes of simplicity of explanation, the one or more methodologies shown herein, for example, in the form of a flow chart or flow diagram, are shown and described as a series of acts, it is to be understood and appreciated that the methodologies are not limited by the order of acts, as some acts may, in accordance therewith, occur in a different order and/or concurrently with other acts from that shown and described herein. For example, those skilled in the art will understand and appreciate that a methodology could alternatively be represented as a series of interrelated states or events, such as in a state diagram. Moreover, not all acts illustrated in a methodology may be required for a novel implementation.
  • At 400, a request for state data associated with a node of an instance of an application hierarchy is received. For example, the state data can be a rearm count associated with a selling unit 130.
  • At 402, state data associated with the node of the application hierarchy is obtained, for example, from a license data store 220. At 404, the requested state data is provided, for example, to a web-based validation component 310 and/or a software protection system.
  • FIG. 5 illustrates a computer-implemented method of protecting software. At 500, a request to modify state data associated with a node of an instance of an application hierarchy is received. At 502, state data associated with the node is modified based on the request to modify. The modified state data can be stored, for example, in a license data store 200.
  • FIG. 6 illustrates a computer-implemented method facilitating software validation. At 600, a request for a resource (e.g., template, upgrade, etc.) is provided to a web-based validation component, for example, by an application. At 602, a request for validation information regarding one or more nodes of an instance of an application hierarchy is received (e.g., from the web-based validation component). For example, the validation information can be associated with one or more selling units 130, a product offering group 120 and/or a top node 110.
  • At 604, validation information is provided based upon state data stored in the node(s). At 606, a determination is made as to whether validation information provides that the node(s) are valid. If the determination at 606 is YES, at 608, the requested resource is received, and, the method ends. If the determination at 606 is NO, at 610, information is received from the web-based component, and, the method ends.
  • As used in this application, the terms “component” and “system” are intended to refer to a computer-related entity, either hardware, a combination of hardware and software, software, or software in execution. For example, a component can be, but is not limited to being, a process running on a processor, a processor, a hard disk drive, multiple storage drives (of optical and/or magnetic storage medium), an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on a server and the server can be a component. One or more components can reside within a process and/or thread of execution, and a component can be localized on one computer and/or distributed between two or more computers.
  • Referring now to FIG. 7, a block diagram of a computing system 700 operable to execute the disclosed software protection system is illustrated. In order to provide additional context for various aspects thereof, FIG. 7 and the following discussion are intended to provide a brief, general description of a suitable computing system 700 in which the various aspects can be implemented. While the description above is in the general context of computer-executable instructions that may run on one or more computers, those skilled in the art will recognize that a novel embodiment also can be implemented in combination with other program modules and/or as a combination of hardware and software.
  • Generally, program modules include routines, programs, components, data structures, etc., that perform particular tasks or implement particular abstract data types. Moreover, those skilled in the art will appreciate that the inventive methods can be practiced with other computer system configurations, including single-processor or multiprocessor computer systems, minicomputers, mainframe computers, as well as personal computers, hand-held computing devices, microprocessor-based or programmable consumer electronics, and the like, each of which can be operatively coupled to one or more associated devices.
  • The illustrated aspects may also be practiced in distributed computing environments where certain tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules can be located in both local and remote memory storage devices.
  • A computer typically includes a variety of computer-readable media. Computer-readable media can be any available media that can be accessed by the computer and includes volatile and non-volatile media, removable and non-removable media. By way of example, and not limitation, computer-readable media can comprise computer storage media. Computer storage media includes volatile and non-volatile, removable and non-removable media implemented in any method or technology for storage of information such as computer-readable instructions, data structures, program modules or other data. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital video disk (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by the computer.
  • With reference again to FIG. 7, the computing system 700 for implementing various aspects includes a computer 702, the computer 702 including a processing unit 704, a system memory 706 and a system bus 708. The system bus 708 provides an interface for system components including, but not limited to, the system memory 706 to the processing unit 704. The processing unit 704 can be any of various commercially available processors. Dual microprocessors and other multi-processor architectures may also be employed as the processing unit 704.
  • The system bus 708 can be any of several types of bus structure that may further interconnect to a memory bus (with or without a memory controller), a peripheral bus, and a local bus using any of a variety of commercially available bus architectures. The system memory 706 includes read-only memory (ROM) 710 and random access memory (RAM) 712. A basic input/output system (BIOS) is stored in the read-only memory 710 such as ROM, EPROM, EEPROM, which BIOS contains the basic routines that help to transfer information between elements within the computer 702, such as during start-up. The RAM 712 can also include a high-speed RAM such as static RAM for caching data.
  • The computer 702 further includes an internal hard disk drive (HDD) 714 (e.g., EIDE, SATA), which internal hard disk drive 714 may also be configured for external use in a suitable chassis (not shown), a magnetic floppy disk drive (FDD) 716, (e.g., to read from or write to a removable diskette 718) and an optical disk drive 720, (e.g., reading a CD-ROM disk 722 or, to read from or write to other high capacity optical media such as the DVD). The internal hard disk drive 714, magnetic disk drive 716 and optical disk drive 720 can be connected to the system bus 708 by a hard disk drive interface 724, a magnetic disk drive interface 726 and an optical drive interface 728, respectively. The interface 724 for external drive implementations includes at least one or both of Universal Serial Bus (USB) and IEEE 1394 interface technologies.
  • The drives and their associated computer-readable media provide nonvolatile storage of data, data structures, computer-executable instructions, and so forth. For the computer 702, the drives and media accommodate the storage of any data in a suitable digital format. Although the description of computer-readable media above refers to a HDD, a removable magnetic diskette, and a removable optical media such as a CD or DVD, it should be appreciated by those skilled in the art that other types of media which are readable by a computer, such as zip drives, magnetic cassettes, flash memory cards, cartridges, and the like, may also be used in the example operating environment, and further, that any such media may contain computer-executable instructions for performing novel methods of the disclosed architecture.
  • A number of program modules can be stored in the drives and RAM 712, including an operating system 730, one or more application programs 732, other program modules 734 and program data 736. All or portions of the operating system, applications, modules, and/or data can also be cached in the RAM 712. For example, the software protection system 200 can be stored in the drives and/or RAM 712. It is to be appreciated that the disclosed architecture can be implemented with various commercially available operating systems or combinations of operating systems.
  • A user can enter commands and information into the computer 702 through one or more wired/wireless input devices, for example, a keyboard 738 and a pointing device, such as a mouse 740. Other input devices (not shown) may include a microphone, an IR remote control, a joystick, a game pad, a stylus pen, touch screen, or the like. These and other input devices are often connected to the processing unit 704 through an input device interface 742 that is coupled to the system bus 708, but can be connected by other interfaces, such as a parallel port, an IEEE 1394 serial port, a game port, a USB port, an IR interface, etc.
  • A monitor 744 or other type of display device is also connected to the system bus 708 via an interface, such as a video adapter 746. In addition to the monitor 744, a computer typically includes other peripheral output devices (not shown), such as speakers, printers, etc.
  • The computer 702 may operate in a networked environment using logical connections via wired and/or wireless communications to one or more remote computers, such as a remote computer(s) 748. The remote computer(s) 748 can be a workstation, a server computer, a router, a personal computer, portable computer, microprocessor-based entertainment appliance, a peer device or other common network node, and typically includes many or all of the elements described relative to the computer 702, although, for purposes of brevity, only a memory/storage device 750 is illustrated. The logical connections depicted include wired/wireless connectivity to a local area network (LAN) 752 and/or larger networks, for example, a wide area network (WAN) 754. Such LAN and WAN networking environments are commonplace in offices and companies, and facilitate enterprise-wide computer networks, such as intranets, all of which may connect to a global communications network, for example, the Internet.
  • When used in a LAN networking environment, the computer 702 is connected to the LAN 752 through a wired and/or wireless communication network interface or adapter 756. The adapter 756 may facilitate wired or wireless communication to the LAN 752, which may also include a wireless access point disposed thereon for communicating with the wireless adapter 756.
  • When used in a WAN networking environment, the computer 702 can include a modem 758, or is connected to a communications server on the WAN 754, or has other means for establishing communications over the WAN 754, such as by way of the Internet. The modem 758, which can be internal or external and a wired or wireless device, is connected to the system bus 708 via the serial port interface 742. In a networked environment, program modules depicted relative to the computer 702, or portions thereof, can be stored in the remote memory/storage device 750. It will be appreciated that the network connections shown are examples and other means of establishing a communications link between the computers can be used.
  • The computer 702 is operable to communicate with any wireless devices or entities operatively disposed in wireless communication, for example, a printer, scanner, desktop and/or portable computer, portable data assistant, communications satellite, any piece of equipment or location associated with a wirelessly detectable tag (e.g., a kiosk, news stand, restroom), and telephone. This includes at least Wi-Fi and Bluetooth™ wireless technologies. Thus, the communication can be a predefined structure as with a conventional network or simply an ad hoc communication between at least two devices.
  • Wi-Fi, or Wireless Fidelity, allows connection to the Internet from a couch at home, a bed in a hotel room, or a conference room at work, without wires. Wi-Fi is a wireless technology similar to that used in a cell phone that enables such devices, for example, computers, to send and receive data indoors and out; anywhere within the range of a base station. Wi-Fi networks use radio technologies called IEEE 802.11x (a, b, g, etc.) to provide secure, reliable, fast wireless connectivity. A Wi-Fi network can be used to connect computers to each other, to the Internet, and to wired networks (which use IEEE 802.3 or Ethernet).
  • Referring now to FIG. 8, there is illustrated a schematic block diagram of a computing environment 800 that facilitates software validation. The environment 800 includes one or more client(s) 802. The client(s) 802 can be hardware and/or software (e.g., threads, processes, computing devices). The client(s) 802 can house cookie(s) and/or associated contextual information, for example.
  • The environment 800 also includes one or more server(s) 804. The server(s) 804 can also be hardware and/or software (e.g., threads, processes, computing devices). The servers 804 can house threads to perform transformations by employing the architecture, for example. One possible communication between a client 802 and a server 804 can be in the form of a data packet adapted to be transmitted between two or more computer processes. The data packet may include a cookie and/or associated contextual information, for example. The environment 800 includes a communication framework 806 (e.g., a global communication network such as the Internet) that can be employed to facilitate communications between the client(s) 802 and the server(s) 804.
  • Communications can be facilitated via a wired (including optical fiber) and/or wireless technology. The client(s) 802 are operatively connected to one or more client data store(s) 808 that can be employed to store information local to the client(s) 802 (e.g., cookie(s) and/or associated contextual information). Similarly, the server(s) 804 are operatively connected to one or more server data store(s) 810 that can be employed to store information local to the servers 804.
  • Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as example forms of implementing the claims.
  • What has been described above includes examples of the disclosed architecture. It is, of course, not possible to describe every conceivable combination of components and/or methodologies, but one of ordinary skill in the art may recognize that many further combinations and permutations are possible. Accordingly, the novel architecture is intended to embrace all such alterations, modifications and variations that fall within the spirit and scope of the appended claims. Furthermore, to the extent that the term “includes” is used in either the detailed description or the claims, such term is intended to be inclusive in a manner similar to the term “comprising” as “comprising” is interpreted when employed as a transitional word in a claim.

Claims (20)

1. A computer-implemented software protection system, comprising:
a license data store that stores an instance of an application hierarchy; and,
a software license component for manipulating state data of the instance of the application hierarchy to facilitate enforcement of software licensing.
2. The system of claim 1, wherein the license data store and the software license component are components of a client computer system.
3. The system of claim 1, wherein the software license component stores a software licensing rule for manipulating the state data of the instance of the application hierarchy.
4. The system of claim 3, wherein the licensing rule provides for manipulation of state data of the application recursively in a top-down manner.
5. The system of claim 1, wherein the software license component comprises an application program interface that facilitates access of a node of the instance of the application hierarchy stored in the license data store.
6. The system of claim 5, wherein the state data and a property of a particular node can be accessed through the application program interface via an assigned identifier.
7. The system of claim 1, wherein the instance of the application hierarchy comprises a top node and at least one product offering group.
8. The system of claim 7, wherein the product offering group comprises at least one selling unit.
9. The system of claim 7, wherein the instance of the application hierarchy comprises a plurality of product offering groups, each product offering group having at least one selling unit.
10. The system of claim 9, wherein the instance of the application hierarchy comprises a product uniqueness group comprising a particular selling unit from a first product offering group and another particular selling unit from a second product offering group.
11. The system of claim 1, wherein the instance of the application hierarchy stores state data and a property for at least one node.
12. The system of claim 11, wherein the property is associated with a genuine marker associated with the node.
13. The system of claim 12, wherein the software license component propagates the property of one selling unit to a property of another selling unit of a same product offering group.
14. The system of claim 11, wherein the state data is associated with a rearm count.
15. A computer-implemented method of protecting software, comprising:
receiving a request for state data associated with a node of an instance of an application hierarchy;
obtaining state data associated with the node; and,
providing state data associated with the node in response to the received request.
16. The method of claim 15, further comprising:
receiving a request to modify state data associated with the node; and,
storing modified state data associated with the state node.
17. The method of claim 15, wherein the instance of the application hierarchy is stored in a license data store.
18. A computer-implemented method facilitating software validation, comprising:
receiving a request for validation information regarding a node of an instance of an application hierarchy; and,
providing validation information based upon state data stored in the node of the instance of the application hierarchy.
19. The method of claim 18, further comprising determining whether the validation information provides that the node is valid.
20. The method of claim 19, further comprising:
providing a request for a resource to a web-base validation component;
receiving the requested resource, if the validation information provides that the node is valid; and,
receiving information from the web-based component, if the validation information provides that the node is not valid.
US12/145,506 2008-06-25 2008-06-25 Application hierarchy and state manipulation Active 2030-10-28 US8538889B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/145,506 US8538889B2 (en) 2008-06-25 2008-06-25 Application hierarchy and state manipulation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US12/145,506 US8538889B2 (en) 2008-06-25 2008-06-25 Application hierarchy and state manipulation

Publications (2)

Publication Number Publication Date
US20090327090A1 true US20090327090A1 (en) 2009-12-31
US8538889B2 US8538889B2 (en) 2013-09-17

Family

ID=41448608

Family Applications (1)

Application Number Title Priority Date Filing Date
US12/145,506 Active 2030-10-28 US8538889B2 (en) 2008-06-25 2008-06-25 Application hierarchy and state manipulation

Country Status (1)

Country Link
US (1) US8538889B2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140165053A1 (en) * 2012-12-07 2014-06-12 International Business Machines Corporation License management system

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9652812B2 (en) 2014-07-01 2017-05-16 International Business Machines Corporation Obtaining software asset insight by analyzing collected metrics using analytic services
CN107015915B (en) * 2015-10-28 2019-07-26 威盛电子股份有限公司 Nonvolatile memory device and control method thereof
US9449189B1 (en) 2015-11-03 2016-09-20 International Business Machines Corporation Protection of state data in computer system code
US11663320B2 (en) 2021-01-12 2023-05-30 Bank Of America Corporation System and methods for automated software analysis and classification

Citations (44)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5191646A (en) * 1986-11-20 1993-03-02 Hitachi, Ltd. Display method in software development support system
US5581797A (en) * 1993-10-22 1996-12-03 Lucent Technologies Inc. Method and apparatus for displaying hierarchical information of a large software system
US5758068A (en) * 1995-09-19 1998-05-26 International Business Machines Corporation Method and apparatus for software license management
US5973687A (en) * 1996-12-18 1999-10-26 Sun Microsystems, Inc. Graphical distributed make tool methods apparatus and computer program products
US6157915A (en) * 1998-08-07 2000-12-05 International Business Machines Corporation Method and apparatus for collaboratively managing supply chains
US6169976B1 (en) * 1998-07-02 2001-01-02 Encommerce, Inc. Method and apparatus for regulating the use of licensed products
US20020129106A1 (en) * 2001-03-12 2002-09-12 Surgency, Inc. User-extensible system for manipulating information in a collaborative environment
US20040034770A1 (en) * 2002-08-15 2004-02-19 Microsoft Corporation Method and system for using a web service license
US6725367B2 (en) * 2001-01-29 2004-04-20 Microsoft Corporation Methods and systems for constructing and interpreting hierarchical configuration files
US20040093593A1 (en) * 2002-08-08 2004-05-13 Microsoft Corporation Software componentization
US20040117631A1 (en) * 1998-06-04 2004-06-17 Z4 Technologies, Inc. Method for digital rights management including user/publisher connectivity interface
US20040153658A1 (en) * 2003-01-31 2004-08-05 Microsoft Corporation Systems and methods for deterring software piracy in a volume license environment
US20040193545A1 (en) * 2000-10-30 2004-09-30 Gady Shlasky Method and system for digital licensing distribution
US20050015343A1 (en) * 2002-09-11 2005-01-20 Norihiro Nagai License management device, license management method, and computer program
US20050055692A1 (en) * 2003-09-05 2005-03-10 International Business Machines Corporation Method of building dynamic installation packages using a declarative authoring tool
US20050091168A1 (en) * 2003-10-24 2005-04-28 Microsoft Corporation Programming interface for licensing
US20050102652A1 (en) * 2003-11-07 2005-05-12 Sony Corporation System and method for building software suite
US20050114265A1 (en) * 2003-11-26 2005-05-26 Lingan Satkunanathan Real-time license enforcement system and method
US6904523B2 (en) * 1999-03-08 2005-06-07 Spyrus, Inc. Method and system for enforcing access to a computing resource using a licensing attribute certificate
US20050183058A1 (en) * 2004-02-13 2005-08-18 Microsoft Corporation Fast flattening of nested streams
US20050251487A1 (en) * 2004-04-23 2005-11-10 Microsoft Corporation Rendering digital content in a content protection system according to a plurality of chained digital licenses
US20060021012A1 (en) * 2004-06-21 2006-01-26 Canon Kabushiki Kaisha Image forming apparatus, license managing method for applications executed by image forming apparatus, program for implementing the method, and storage medium storing the program
US7024393B1 (en) * 1999-03-27 2006-04-04 Microsoft Corporation Structural of digital rights management (DRM) system
US20060085355A1 (en) * 1996-02-26 2006-04-20 Graphon Corporation Downloadable software package incorporating license management software
US20060089917A1 (en) * 2004-10-22 2006-04-27 Microsoft Corporation License synchronization
US7076496B1 (en) * 2001-02-23 2006-07-11 3Com Corporation Method and system for server based software product release version tracking
US20060178778A1 (en) * 2005-02-10 2006-08-10 Fuhlbrigge Thomas A Method and apparatus for developing a software program
US20060184590A1 (en) * 2005-02-14 2006-08-17 Microsoft Corporation Maintaining and managing metering data for a subsidized computer
US7107482B2 (en) * 2001-03-05 2006-09-12 Omron Corporation Program update apparatus and method
US20060242081A1 (en) * 2005-04-26 2006-10-26 Microsoft Corporation Supplementary trust model for software licensing/commercial digital distribution policy
US20060242183A1 (en) * 2005-04-25 2006-10-26 Microsoft Corporation Declaratively extended hierarchical configuration system and method
US20060259949A1 (en) * 1999-05-12 2006-11-16 Softricity, Inc. Policy based composite file system and method
US7188335B1 (en) * 2001-12-28 2007-03-06 Trilogy Development Group, Inc. Product configuration using configuration patterns
US20070083860A1 (en) * 2005-10-12 2007-04-12 Microsoft Corporation SKU determination mechanism and API
US20070130079A1 (en) * 2005-11-23 2007-06-07 Microsoft Corporation Enforcing subscription validity
US20070143223A1 (en) * 2005-12-16 2007-06-21 Microsoft Corporation Caching information for kernel and boot components
US7234636B1 (en) * 2000-09-27 2007-06-26 Diebold Self-Service Systems, Division Of Diebold, Incorporated Cash dispensing automated banking machine software authorization system and method
US20070277038A1 (en) * 2006-05-25 2007-11-29 General Dynamics C4 Systems, Inc. Method for authentication of software within a product
US20080082449A1 (en) * 2006-09-29 2008-04-03 Rockwell Automation Technologies, Inc. Authentication for licensing in an embedded system
US20080091613A1 (en) * 2006-09-28 2008-04-17 Microsoft Corporation Rights management in a cloud
US20080306874A1 (en) * 2007-06-06 2008-12-11 White Charles A System and method for managing a product through a distribution chain
US7487353B2 (en) * 2004-05-20 2009-02-03 International Business Machines Corporation System, method and program for protecting communication
US20090276269A1 (en) * 2008-05-05 2009-11-05 Oracle International Corp Software identifier based correlation
US7657545B2 (en) * 2003-03-12 2010-02-02 Intotality Pty Ltd Automated application discovery and analysis system and method

Patent Citations (44)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5191646A (en) * 1986-11-20 1993-03-02 Hitachi, Ltd. Display method in software development support system
US5581797A (en) * 1993-10-22 1996-12-03 Lucent Technologies Inc. Method and apparatus for displaying hierarchical information of a large software system
US5758068A (en) * 1995-09-19 1998-05-26 International Business Machines Corporation Method and apparatus for software license management
US20060085355A1 (en) * 1996-02-26 2006-04-20 Graphon Corporation Downloadable software package incorporating license management software
US5973687A (en) * 1996-12-18 1999-10-26 Sun Microsystems, Inc. Graphical distributed make tool methods apparatus and computer program products
US20040117631A1 (en) * 1998-06-04 2004-06-17 Z4 Technologies, Inc. Method for digital rights management including user/publisher connectivity interface
US6169976B1 (en) * 1998-07-02 2001-01-02 Encommerce, Inc. Method and apparatus for regulating the use of licensed products
US6157915A (en) * 1998-08-07 2000-12-05 International Business Machines Corporation Method and apparatus for collaboratively managing supply chains
US6904523B2 (en) * 1999-03-08 2005-06-07 Spyrus, Inc. Method and system for enforcing access to a computing resource using a licensing attribute certificate
US7024393B1 (en) * 1999-03-27 2006-04-04 Microsoft Corporation Structural of digital rights management (DRM) system
US20060259949A1 (en) * 1999-05-12 2006-11-16 Softricity, Inc. Policy based composite file system and method
US7234636B1 (en) * 2000-09-27 2007-06-26 Diebold Self-Service Systems, Division Of Diebold, Incorporated Cash dispensing automated banking machine software authorization system and method
US20040193545A1 (en) * 2000-10-30 2004-09-30 Gady Shlasky Method and system for digital licensing distribution
US6725367B2 (en) * 2001-01-29 2004-04-20 Microsoft Corporation Methods and systems for constructing and interpreting hierarchical configuration files
US7076496B1 (en) * 2001-02-23 2006-07-11 3Com Corporation Method and system for server based software product release version tracking
US7107482B2 (en) * 2001-03-05 2006-09-12 Omron Corporation Program update apparatus and method
US20020129106A1 (en) * 2001-03-12 2002-09-12 Surgency, Inc. User-extensible system for manipulating information in a collaborative environment
US7188335B1 (en) * 2001-12-28 2007-03-06 Trilogy Development Group, Inc. Product configuration using configuration patterns
US20040093593A1 (en) * 2002-08-08 2004-05-13 Microsoft Corporation Software componentization
US20040034770A1 (en) * 2002-08-15 2004-02-19 Microsoft Corporation Method and system for using a web service license
US20050015343A1 (en) * 2002-09-11 2005-01-20 Norihiro Nagai License management device, license management method, and computer program
US20040153658A1 (en) * 2003-01-31 2004-08-05 Microsoft Corporation Systems and methods for deterring software piracy in a volume license environment
US7657545B2 (en) * 2003-03-12 2010-02-02 Intotality Pty Ltd Automated application discovery and analysis system and method
US20050055692A1 (en) * 2003-09-05 2005-03-10 International Business Machines Corporation Method of building dynamic installation packages using a declarative authoring tool
US20050091168A1 (en) * 2003-10-24 2005-04-28 Microsoft Corporation Programming interface for licensing
US20050102652A1 (en) * 2003-11-07 2005-05-12 Sony Corporation System and method for building software suite
US20050114265A1 (en) * 2003-11-26 2005-05-26 Lingan Satkunanathan Real-time license enforcement system and method
US20050183058A1 (en) * 2004-02-13 2005-08-18 Microsoft Corporation Fast flattening of nested streams
US20050251487A1 (en) * 2004-04-23 2005-11-10 Microsoft Corporation Rendering digital content in a content protection system according to a plurality of chained digital licenses
US7487353B2 (en) * 2004-05-20 2009-02-03 International Business Machines Corporation System, method and program for protecting communication
US20060021012A1 (en) * 2004-06-21 2006-01-26 Canon Kabushiki Kaisha Image forming apparatus, license managing method for applications executed by image forming apparatus, program for implementing the method, and storage medium storing the program
US20060089917A1 (en) * 2004-10-22 2006-04-27 Microsoft Corporation License synchronization
US20060178778A1 (en) * 2005-02-10 2006-08-10 Fuhlbrigge Thomas A Method and apparatus for developing a software program
US20060184590A1 (en) * 2005-02-14 2006-08-17 Microsoft Corporation Maintaining and managing metering data for a subsidized computer
US20060242183A1 (en) * 2005-04-25 2006-10-26 Microsoft Corporation Declaratively extended hierarchical configuration system and method
US20060242081A1 (en) * 2005-04-26 2006-10-26 Microsoft Corporation Supplementary trust model for software licensing/commercial digital distribution policy
US20070083860A1 (en) * 2005-10-12 2007-04-12 Microsoft Corporation SKU determination mechanism and API
US20070130079A1 (en) * 2005-11-23 2007-06-07 Microsoft Corporation Enforcing subscription validity
US20070143223A1 (en) * 2005-12-16 2007-06-21 Microsoft Corporation Caching information for kernel and boot components
US20070277038A1 (en) * 2006-05-25 2007-11-29 General Dynamics C4 Systems, Inc. Method for authentication of software within a product
US20080091613A1 (en) * 2006-09-28 2008-04-17 Microsoft Corporation Rights management in a cloud
US20080082449A1 (en) * 2006-09-29 2008-04-03 Rockwell Automation Technologies, Inc. Authentication for licensing in an embedded system
US20080306874A1 (en) * 2007-06-06 2008-12-11 White Charles A System and method for managing a product through a distribution chain
US20090276269A1 (en) * 2008-05-05 2009-11-05 Oracle International Corp Software identifier based correlation

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140165053A1 (en) * 2012-12-07 2014-06-12 International Business Machines Corporation License management system
US9201640B2 (en) * 2012-12-07 2015-12-01 International Business Machines Corporation License management system

Also Published As

Publication number Publication date
US8538889B2 (en) 2013-09-17

Similar Documents

Publication Publication Date Title
JP7177576B2 (en) Runtime self-modification for blockchain ledgers
US20210352099A1 (en) System for automatically discovering, enriching and remediating entities interacting in a computer network
US9864672B2 (en) Module specific tracing in a shared module environment
US9298588B2 (en) Tracing system for application and module tracing
US8255355B2 (en) Adaptive method and system with automatic scanner installation
US9311213B2 (en) Module database with tracing options
JP4890811B2 (en) Validate dynamically generated operations against the data store
US9122998B2 (en) Catalog-based software license reconciliation
US8739298B2 (en) Method and system for enforcing a license dependency rule for a software application
US7650346B2 (en) User-defined type consistency checker
US20100146014A1 (en) Extendable business type system in a performance management platform
US20070118572A1 (en) Detecting changes in data
US20160132314A1 (en) Remote configuration management of applications
US10691622B2 (en) Intents and locks with intent
US8850596B2 (en) Data leakage detection in a multi-tenant data architecture
US8538889B2 (en) Application hierarchy and state manipulation
US8087015B2 (en) Assignment of application models to deployment targets
US8260761B2 (en) Detecting performance degrading design and algorithm issues in database applications
US10509641B2 (en) Optimizing feature deployment based on usage pattern
US20210182054A1 (en) Preventing unexpected behavior in software systems due to third party artifacts
JP2008508577A5 (en)
US20190114350A1 (en) Systems, Methods, and Apparatuses for Implementing Concurrent Dataflow Execution with Write Conflict Protection Within a Cloud Based Computing Environment
US8332335B2 (en) Systems and methods for decision pattern identification and application
US20230334344A1 (en) Distributed ledger based machine-learning model management
US20080222611A1 (en) Generic validation layer for object properties

Legal Events

Date Code Title Description
AS Assignment

Owner name: MICROSOFT CORPORATION, WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BHAVE, AJAY ARVIND;ZAGORSKI, MARK WALTER;SOULAMI, TARIK;AND OTHERS;REEL/FRAME:021365/0811

Effective date: 20080807

STCF Information on status: patent grant

Free format text: PATENTED CASE

AS Assignment

Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC, WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MICROSOFT CORPORATION;REEL/FRAME:034564/0001

Effective date: 20141014

FPAY Fee payment

Year of fee payment: 4

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 8